summaryrefslogtreecommitdiff
path: root/random-seed.service
diff options
context:
space:
mode:
authorAlex Xu (Hello71) <alex_y_xu@yahoo.ca>2018-08-08 23:13:59 -0400
committerAlex Xu (Hello71) <alex_y_xu@yahoo.ca>2018-08-08 23:13:59 -0400
commita259e71858ba80af89b192a34275fb0048f30ef1 (patch)
treecf7ec6c02060567175ff16fdccb7328ac5a5f9eb /random-seed.service
parent75b4f9e76ed827bbe10a12f87eb34c744bf829b4 (diff)
downloadrandom-seed-a259e71858ba80af89b192a34275fb0048f30ef1.tar.xz
random-seed-a259e71858ba80af89b192a34275fb0048f30ef1.zip
Add systemd units, DESTDIR support
Diffstat (limited to 'random-seed.service')
-rw-r--r--random-seed.service28
1 files changed, 28 insertions, 0 deletions
diff --git a/random-seed.service b/random-seed.service
new file mode 100644
index 0000000..04b2ef5
--- /dev/null
+++ b/random-seed.service
@@ -0,0 +1,28 @@
+[Unit]
+Description=Random seed load/save
+Documentation=man:random-seed(8) man:random(4)
+DefaultDependencies=no
+RequiresMountsFor=/var/lib
+Conflicts=shutdown.target
+After=systemd-remount-fs.service
+Before=sysinit.target shutdown.target
+ConditionVirtualization=!container
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/local/sbin/random-seed load
+ExecStop=/usr/local/sbin/random-seed save
+CapabilityBoundingSet=CAP_SYS_ADMIN
+NoNewPrivileges=yes
+PrivateDevices=yes
+PrivateNetwork=yes
+ProtectKernelTunables=yes
+ProtectKernelModules=yes
+LockPersonality=yes
+TemporaryFileSystem=/:ro
+BindPaths=/var/lib
+TimeoutSec=30s
+
+[Install]
+WantedBy=sysinit.target